Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/KqBOjvFD9q53_La4sgATDz8NxVg.roa
File: KqBOjvFD9q53_La4sgATDz8NxVg.roa (raw, json)
Hash identifier: aJL72sC19bLyIw2lSLNOLnYEHoE5hBaRWow5gZ7cP1Y=
Subject key identifier: 2A:A0:4E:8E:F1:43:F6:AE:77:FC:B6:B8:B2:00:13:0F:3F:0D:C5:58
Certificate issuer: /CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Certificate serial: 01856CB82BF9C1A2215B2590E4288D7B1F83
Authority key identifier: 1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/KqBOjvFD9q53_La4sgATDz8NxVg.roa
Signing time: Sun 01 Jan 2023 09:44:47 +0000
ROA not before: Sun 01 Jan 2023 09:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41495
IP address blocks: 46.227.200.0/21 maxlen: 24
185.134.196.0/22 maxlen: 24
2a01:9e00::/29 maxlen: 32
2a01:9e00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:2b:f9:c1:a2:21:5b:25:90:e4:28:8d:7b:1f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Validity
Not Before: Jan 1 09:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aa04e8ef143f6ae77fcb6b8b200130f3f0dc558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:52:f2:cf:86:89:00:b2:a5:14:ca:63:90:aa:
8a:0a:67:81:cd:15:fd:ec:14:05:02:01:19:47:11:
0e:03:05:25:94:42:08:54:b9:40:72:38:10:1c:44:
87:1b:b8:00:77:9c:13:6f:67:cc:99:cb:58:70:b6:
57:86:07:8e:e2:ee:26:16:b0:89:47:91:55:a4:67:
48:78:91:fe:f6:1b:8b:27:73:67:c1:87:60:8e:47:
c1:eb:d3:c8:e2:ee:6c:f1:6a:22:0b:74:44:30:f3:
4d:21:e6:f9:bb:9f:3d:a0:95:5f:13:8b:0c:e8:82:
e6:88:eb:3b:1a:15:c2:b7:ef:51:cd:df:64:6a:da:
11:6f:77:52:d2:3f:5b:bd:8a:2c:f5:6b:19:f6:46:
10:91:16:a1:c7:86:e5:fa:1d:5d:12:f7:78:20:ef:
62:5d:b2:e2:aa:51:56:d1:fb:48:b8:6e:0b:55:a0:
26:a8:8d:5e:25:eb:cd:b2:32:45:c6:e7:54:3d:67:
9a:63:79:4d:c7:96:06:01:66:b3:1b:da:3a:dc:83:
7c:42:44:12:0a:8a:ee:7a:d2:0e:52:85:f9:2d:51:
51:10:76:23:61:1b:4d:88:e1:b1:8d:39:93:8a:55:
83:84:cc:c8:2a:d3:39:57:d3:4d:4a:5c:7d:40:0f:
9d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A0:4E:8E:F1:43:F6:AE:77:FC:B6:B8:B2:00:13:0F:3F:0D:C5:58
X509v3 Authority Key Identifier:
keyid:1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/KqBOjvFD9q53_La4sgATDz8NxVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/H-AtvuYsmPAfIPR3DRakf3mr4yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.200.0/21
185.134.196.0/22
IPv6:
2a01:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
70:90:a1:9f:5b:e0:87:4b:69:e8:10:1a:2d:39:65:b5:e6:9b:
ee:22:ba:ce:48:27:91:45:38:85:78:c7:27:25:31:41:35:ee:
ed:ee:d5:3d:46:f7:ea:75:5b:27:7e:5a:ce:d3:86:4d:1f:d1:
25:b2:a8:b8:bc:be:cb:c9:79:5f:4f:db:ad:7b:f2:d6:3e:49:
f0:9b:46:a8:1f:2e:da:a6:1c:ea:d8:45:b1:09:f1:1f:c8:8a:
ae:96:a8:48:22:aa:45:69:23:19:c8:50:f4:95:16:ab:49:32:
76:1d:2c:6b:af:b9:9b:bb:03:86:22:20:b9:cb:ec:19:40:b5:
51:c2:95:71:ff:57:13:d1:f1:df:38:9a:1d:13:1a:af:59:05:
69:d7:2b:ac:96:7c:26:a2:99:43:55:b0:b9:f3:13:76:59:cd:
1c:71:55:22:36:70:47:55:e8:9e:b7:35:e1:fb:25:66:5f:58:
4f:78:04:55:5a:2d:50:e0:b3:73:ce:9d:2a:eb:55:10:6f:b9:
f2:f0:42:d8:3d:9f:64:74:06:30:a2:31:93:c6:50:f5:af:8e:
b6:0c:59:b4:f7:31:cd:bf:d0:35:cf:2a:76:29:87:56:2a:e6:
cb:af:4e:80:18:9c:dc:d3:a6:79:08:ce:bb:58:28:13:39:9f:
31:9c:9b:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsuCv5waIhWyWQ5CiNex+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTAyZGJlZTYyYzk4ZjAxZjIwZjQ3NzBkMTZhNDdmNzlh
YmUzMmMwHhcNMjMwMTAxMDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWEwNGU4ZWYxNDNmNmFlNzdmY2I2YjhiMjAwMTMwZjNmMGRjNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VLyz4aJALKlFMpjkKqKCmeBzRX9
7BQFAgEZRxEOAwUllEIIVLlAcjgQHESHG7gAd5wTb2fMmctYcLZXhgeO4u4mFrCJ
R5FVpGdIeJH+9huLJ3NnwYdgjkfB69PI4u5s8WoiC3REMPNNIeb5u589oJVfE4sM
6ILmiOs7GhXCt+9Rzd9katoRb3dS0j9bvYos9WsZ9kYQkRahx4bl+h1dEvd4IO9i
XbLiqlFW0ftIuG4LVaAmqI1eJevNsjJFxudUPWeaY3lNx5YGAWazG9o63IN8QkQS
CoruetIOUoX5LVFREHYjYRtNiOGxjTmTilWDhMzIKtM5V9NNSlx9QA+d8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCqgTo7xQ/aud/y2uLIAEw8/DcVYMB8GA1UdIwQY
MBaAFB/gLb7mLJjwHyD0dw0WpH95q+MsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMt
MjEyNTNlYTlmM2E0LzEvS3FCT2p2RkQ5cTUzX0xhNHNnQVREejhOeFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMtMjEyNTNlYTlmM2E0
LzEvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLuPIAwQC
uYbEMA0EAgACMAcDBQMqAZ4AMA0GCSqGSIb3DQEBCwUAA4IBAQBwkKGfW+CHS2no
EBotOWW15pvuIrrOSCeRRTiFeMcnJTFBNe7t7tU9RvfqdVsnflrO04ZNH9Elsqi4
vL7LyXlfT9ute/LWPknwm0aoHy7aphzq2EWxCfEfyIqulqhIIqpFaSMZyFD0lRar
STJ2HSxrr7mbuwOGIiC5y+wZQLVRwpVx/1cT0fHfOJodExqvWQVp1yuslnwmoplD
VbC58xN2Wc0ccVUiNnBHVeietzXh+yVmX1hPeARVWi1Q4LNzzp0q61UQb7ny8ELY
PZ9kdAYwojGTxlD1r462DFm09zHNv9A1zyp2KYdWKubLr06AGJzc06Z5CM67WCgT
OZ8xnJv2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:19 2025 by rpki-client